The is_a function in PHP 5.3.7 and 5.3.8 triggers a call to the __autoload function, which makes it easier for remote attackers to execute arbitrary code by providing a crafted URL and leveraging potentially unsafe behavior in certain PEAR packages and custom autoloaders.
References
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: redhat
Published: 2011-11-03T15:00:00
Updated: 2012-02-14T10:00:00
Reserved: 2011-08-30T00:00:00
Link: CVE-2011-3379
JSON object: View
NVD Information
Status : Modified
Published: 2011-11-03T15:55:00.840
Modified: 2012-07-03T04:02:42.110
Link: CVE-2011-3379
JSON object: View
Redhat Information
No data.
CWE